SSH Server Key: best practices

Upon installation, Syncplify.me Server! auto-generates a 1024 bit SSH Server Key, and that is enough for most users and most scenarios.

But some of our users may have higher needs in terms of bit-length (2048 or even 4096) or may need to use a specific SSH Server Key provided by a third party. This article covers such scenarios.

If you only need a higher bit-length, the easiest way is to generate a new SSH Server Key from within the Configuration Manager. In order to do so, simply click the “gear” button next to the SSH Server Key field, as shown in the picture below:

generatekey1

A small window will pop up, asking for the bit-length of the new server key you want to generate. Simply select the desired bit-length and click the “Generate” button. That’s it.

generatekey2

But there are more complex scenarios, where some of our customers may need to import a SSH Server Key provided by a third party (for trust-related reasons). In this case the procedure is slightly longer.

The first step is to have your trusted third party generate the key-pair for you. This can be done using a variety of software tools (most of them are totally free); in this example we show how to do it using PuTTYgen.

The first step is to run PuTTYgen, select the desired bit-length, the algorithm (SSH2-RSA) and click the “Generate” button.

puttygen1

PuTTYgen requires the user to generate some randomness by moving the mouse over a certain area of the window, until the certificate generation is complete.

puttygen2

Once the generation is complete, your trusted third party needs to save the key-pair (not just the public key) and this is done by clicking the “Save private key” button.

puttygen3

In our example we have saved the key-pair on the desktop. Please note that the file will have a “.ppk” extension, as shown in the picture below.

puttygen4

Now the trusted third party needs to transfer/send the PPK file to the system administrator who is in charge of managing the Syncplify.me Server! instance.

Upon receipt of the PPK file, the Syncplify.me Server!’s administrator will need to import it by pushing the “…” button next to the SSH Server Key field, as shown in the picture below.

importkey

Syncplify.me Server! will start using the new server key immediately.

Print Friendly
Bookmark the permalink.

Comments are closed